Module Name
Juniper Networks vSRX Virtual Firewall
Validation Dates
12/03/2018
Caveat
When operated in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The vSRX delivers a complete and integrated virtual security solution, including unified threat management(UTM), intrusion detection and prevention (IDP), granular application control and robust networking. It provides seamless automated life cycle management capabilities making it an ideal solution for Service Providers, Cloud and Enterprise deployments. The vSRX supports Juniper Networks Contrail, OpenContrail, Openstack and other third-party solutions.
Tested Configuration(s)
- Junos OS 17.4R1-S1 on VMWare ESXi 6.0 running on a HP ProLiant DL380 Gen9 Server with Intel Xeon E5 (single-user mode)
FIPS Algorithms
AES |
Certs. #5305, #5306 and #5341 |
CVL |
Certs. #1771 and #1772 |
DRBG |
Certs. #2040, #2044 and #2045 |
ECDSA |
Certs. #1390 and #1391 |
HMAC |
Certs. #3502, #3506, #3509, #3510 and #3538 |
KTS |
AES Certs. #5305, #5306 and HMAC Certs. #3509 and #3510; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
Triple-DES Certs. #2681 and #2682 and HMAC Certs. #3509 and #3510; key establishment methodology provides 112 bits of encryption strength |
RSA |
Certs. #2840 and #2841 |
SHS |
Certs. #4256, #4260, #4263, #4264 and #4292 |
Triple-DES |
Certs. #2681, #2682 and #2700 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1771 and #1772, key agreement; key establishment methodology provides between 112 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1771 and #1772, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG
Software Versions
Junos OS 17.4R1-S1